| Task 3. Configure Enhanced Username Password Security on Routers R1 and R3.
Step 1: Investigate the options for the username command.
R1(config)#username user01 password ?
What options are available?
0 Spécifie qu'un mot de passe non crypté suivra
7 Spécifie qu'un mot de passe masqué suivra
Step 2: Create a new user account using the username command.
Create the user01 account, specifying the password with no encryption.
R1(config)#username user01 password 0 user01pass
Step 3: Create a new user account with a secret password.
Create a new user account with MD5 hashing to encrypt the password.
R1(config)#username user02 secret user02pass
Exit global configuration mode and save your configuration.
Display the running configuration. Which hashing method is used for the password?
La method utilsée est MD5, parce que le mot de passe secret était configuré.
Step 4: Test the new account by logging in to the console.
Set the console line to use the locally defined login accounts.
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#end
R1#exit
Exit to the initial router screen which displays: R1 con0 is now available, Press RETURN to get started.
Log in using the user01 account and password previously defined.
What is the difference between logging in at the console now and previously?
Vous êtes invité à entrer un nom d'utilisateur ainsi qu'un mot de passe.
After logging in, issue the show run command. Were you able to issue the command? Why or why not?
Non, il nécessite le niveau EXEC privilégié.
Enter privileged EXEC mode using the enable command. Were you prompted for a password? Why or why not? Oui, les nouveaux utilisateurs créés devront toujours saisir le mot de passe d'activation secret pour passer en mode d'exécution privilégié.
Step 5: Test the new account by logging in from a Telnet session.
From PC-A, establish a Telnet session with R1.
PC-A>telnet 192.168.1.1
Were you prompted for a user account? Why or why not?
Non, les lignes vty n'étaient pas configurées pour utiliser les comptes définis localement comme l'était la console ligne 0.
Set the vty lines to use the locally defined login accounts.
R1(config)#line vty 0 4
R1(config-line)#login local
From PC-A, telnet to R1 again.
PC-A>telnet 192.168.1.1
Were you prompted for a user account? Why or why not?
OUI
Log in as user01 with a password of user01pass.
While telnetted to R1, access privileged EXEC mode with the enable command.
What password did you use?
Le mot de passe d'activation secret, cisco12345
R1(config)#line aux 0
R1(config-line)#login local
End the Telnet session with the exit command.
Task 4:
Share with your friends: | 
